With the Russian invasion of Ukraine, higher education institutions in Tallahassee are on high alert and keeping their online systems under scrutiny.
President Joe Biden warned again Monday that Russia may be preparing to wage cyberattacks against the United States in retaliation for the economic sanctions the U.S. and its NATO allies have levied against Moscow.
Both Russia and Ukraine have also recruited what experts call “shadowy armies of volunteer hackers, proxy foreign fighters on keyboards.”
Russia has a long and demonstrated history of unleashing powerful cyberweapons against its adversaries, former top Pentagon cybersecurity official Lucian Niemeyer told USA TODAY. And once that happens, they can spread virtually anywhere – and potentially everywhere – without the ability to control them, he said.
With the threat of direct or inderict cyberattacks growing, Florida A&M University, Florida State University and Tallahassee Community College are taking precautions and urging cyber security awareness around campus.
Other news:
Russia and Ukraine conflict heightens FSU’s awareness
Florida State’s IT Services has had security protocols set up, such as their 2-factor authentication for students, faculty and staff. A year prior to implementing 2FA, there were about 7,000 compromised accounts associated with the university. The implementation dropped the number down to less than 300 accounts.
The university has also been registered with the U.S. Cybersecurity and Infrastructure Security Agency’s Cyber Hygiene Vulnerability Scanning as a protective action.
“What’s going on with Russia — because we have a track record there — has heightened our awareness,” Chief Information Security Officer Bill Hunkapiller said. FSU IT reaches out to all the departments on campus that have assets they can help protect and keeps them informed when something may be going wrong.
Rick Burnette is the associate provost for Strategy and Analytics and interim chief information officer. He compared bad actors in cybersecurity to the idea that once they get into the building, the interior doors are oftentimes not blocked — that’s what they’re trying to prevent.
“The target, you would think, from a country perspective would be more at the nation’s infrastructure as opposed to a university,” Burnette said. “We would hope that’s the case, but it doesn’t mean that anybody’s safe.”
The university encourages its community to join in on helping to maintain a safe cyberspace. It provides faculty and students with resources such as the Seminole Secure program, cybersecurity awareness training, defensive action training and a series of events in October for National Cybersecurity Awareness Month.
FAMU encourages students to stay vigilant
FAMU’s Chief Information Officer and Vice President for Information Technology Robert Seniors has sent out messages providing guidance to students, faculty and staff on how to stay vigilant.
“From an emergency management perspective, we have been actively working with the Cybersecurity and Infrastructure Security Agency (CISA) to gather intelligence regarding the latest cyber threats,” FAMU’s Emergency Management Director Ashley Davis said.
The institution continues to work with fellow state universities and the International Association of Emergency Managers to share best practices. Through their continued work, they discussed the threats going on with the conflict between Russia and Ukraine and the resources CISA has to help enhance cybersecurity in universities.
“As we continue to work with our county, state and federal partners, we can only grow stronger together,” Davis said.
TCC blocks thousands of suspect messages
One of the protective measures TCC has in place to increase security is blocking messages that are trying to hack the campus with phishing, spoofing or malware.
According to TCC’s Vice President of Information Technology Bret Ingerman, on March 7 alone the university blocked 20,000 of these messages; in the past 30 days from that date, the college blocked over 627,000 messages.
“It’s important for people to always be aware of the fact that hackers are constantly doing whatever they can to gain access to data and systems,” Ingerman said. “With what’s happening in Ukraine right now, places like TCC and other schools may not be directly affected by the specific activities happening, but hackers worldwide use this as an opportunity to increase their attempt to try and hack into systems.”
To keep employees aware of the tactics that hackers use, TCC regularly sends out the phishing email messages it receives to employees as examples of messages similar to what the hackers send.
TCC also requires all employees to take security training once a year. The same level of training is not offered to the students; however, KnowBe4, the company the college uses for its data security training, has a free online training class that students can take.
“Hackers are busy all the time,” Ingerman said. “I think what’s happening now just increases our awareness of that and tries to encourage people to be more diligent.”
Contact Tarah Jean at tjean@tallahassee.com or follow her on twitter @tarahjean_.